Comment 4 for bug 1793244

Hi,

Changing fw driver don't means anything in fact. When You spawned vms You had "hybrid_connection" set to False in binding profile so libvirt connected vms directly to br-int.
iptables fw driver require hybrid connection to be set to True so basically now You disabled security groups at all.
It may be that problem is in openvswitch firewall driver somewhere but it also can be something different.
Can You maybe turn openvswitch fw driver again and send list of all openflow rules from br-int on both nodes then?
Also some informations about what kind of network it is (vlan, flat) and some debugging exactly on which interface Your packets are dropped would be useful.